Skip to content

re: Token vs Session Authentication VIEW POST


In JWT, to validate the token, doesn't the server need to save it in a database? Doesn't it require space?

Or else, how is the validation done?


The JWT is signed from the server with a private key and then it is sent to the client, so the server can verify the token if it's legit or not.

code of conduct - report abuse